ALAS-2017-815 ---- gnutlsID: oval:org.secpod.oval:def:1600524 | Date: (C)2017-04-18 (M)2024-01-29 |
Class: PATCH | Family: unix |
A denial of service flaw was found in the way the TLS/SSL protocol definedprocessing of ALERT packets during a connection handshake. A remote attackercould use this flaw to make a TLS/SSL server consume an excessive amount of CPUand fail to accept connections form other clients. Multiple flaws were found in the way gnutls processed OpenPGP certificates. Anattacker could create specially crafted OpenPGP certificates which, when parsedby gnutls, would cause it to crash
Platform: |
Amazon Linux AMI |